CVE-2016-9193

Public PoC / Exploit

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in the malicious file detection and blocking features of Cisco Firepower Management Center and Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass malware detection mechanisms on an affected system. Affected Products: Cisco Firepower Management Center and FireSIGHT System Software are affected when they are configured to use a file policy that has the Block Malware action. More Information: CSCvb27494. Known Affected Releases: 6.0.1.1 6.1.0.

Weaknesses (CWE)

CWE-20

Affected Products (12)

cisco · firesight_system_softwarevulnerable

cisco · secure_firewall_management_centervulnerable

cisco · secure_firewall_management_center

References (6)

http://www.securityfocus.com/bid/94801

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037421

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower

Vendor Advisory

http://www.securityfocus.com/bid/94801

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037421

Third Party AdvisoryVDB Entry

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161207-firepower